16-05-2025
Diet passes cyberdefense law to collect data in peacetime
The Active Cyber Defense (ACD) Law will allow the central government to hack into other parties' servers and render them harmless if there is any sign of a cyberattack. (Tetsuro Takehana)
The Upper House passed a bill introducing an active cyberdefense allowing the central government to collect communications data and ward off cyberattacks at a plenary session on May 16.
The ruling Liberal Democratic Party, junior coalition partner, Komeito, the major opposition Constitutional Democratic Party of Japan, Nippon Ishin (Japan Innovation Party), the Democratic Party for the People, and others voted for the bill, while the Japanese Communist Party, Reiwa Shinsengumi and others opposed it.
With the passage of the legislation, the central government can monitor the internet, collect and analyze communication information, and infiltrate and neutralize servers that cyberattacks originate from, even during peacetime.
Full-scale operation is expected to begin by the end of 2027.
The government will collect and analyze IP addresses, dates and times of transmissions, among other data, targeting communications originating from foreign countries and sent outside Japan via Japan, as well as communications between Japan and foreign countries.
The government explains that the essential contents of communications, such as the contents of emails, will not be subject to collection and analysis.
The cyber communications information supervisory board, an independent body that will be newly established, will monitor the government's operations.
In the Upper House, the opposition parties argued that communications information collected by the government could be used for purposes other than active cyberdefense, such as criminal investigations.
Prime Minister Shigeru Ishiba, who attended a meeting of the Upper House Cabinet Committee on May 15, said, 'Use beyond the scope of cybersecurity purposes is not acceptable. The supervisory board will continue to inspect whether it is being used appropriately.'
The five parties in favor of the bill jointly submitted and adopted a supplementary resolution at the time of its passage, calling on the government to limit the use of acquired information to cybersecurity measures.
During deliberations in the Lower House prior to the Upper House, the opposition parties argued that the bill could lead to restrictions on the 'secrecy of communications' guaranteed by Article 21 of the Constitution.
Therefore, six ruling and opposition parties jointly submitted an amendment to the bill, which was sent to the Upper House.
The amendment stated that the rights and freedoms of the people, including the secrecy of communications, 'must not be unreasonably restricted.'
